How to better block phishing spam due to heartbleed?@psusi Heartbleed makes a nasty kind of phish possible: After locating a web site which still has the vulneratbility, the phisher send a "legitimate" email which links to the correct site. This is done in order to increase traffic to the site. The attacker then uses the heartbleed exploit to mine passwords and what-not. The phish isn't the main attack, but it's a way to make the main attack more fruitful.